FEATURE Client Server

From Fail2ban
Revision as of 11:52, 17 May 2006 by Lostcontrol (Talk | contribs)

Jump to: navigation, search

Client/Server architecture

Until version 0.6, Fail2ban daemon is simply an application running in background and detached from any terminal. It do not allow reconfiguration of the daemon while it runs or any quite of communication with it.

Fail2ban is split into two parts:

  • Server
  • Client

The Server part monitors log file(s) and executes actions when a host has to be banned. The configuration of the Server is done by the Client which take care of reading configuration files. Communication between the Client and the Server is done through a socket. A protocol is defined. This allows dynamic reconfiguration of the Server and communication with it in order to retrieves, per example, statistics.


  • Commands are serialized before sending. Every command must end with the string <F2B_END_COMMAND> which is used to detect the end of a command. The flag <F2B_END_COMMAND> is added at the end of the serialized string.
  • Everytime a command is sent to Server, this reply with the status of the executed command.

Commands are splitted into several categories:


add <Jail> Create a new Jail
start <Jail> Start the Jail
stop <Jail> Stop the Jail
quit Quit the daemon



set loglevel <value> Set the log level to the value


set <Jail> idle <value> Set the Jail idle flag to value (on|off)


set <jail> logpath <value> Set the path value of the log file for Jail
set <jail> timeregex <value> Set the regular expression value matching the date format for Jail